NEW YORK — Luxury merchant Neiman Marcus confirmed Saturday that thieves may have stolen customers' credit and debit card information and made unauthorized charges over the holiday season, becoming the second retailer in recent weeks to announce it had fallen victim to a cyber-security attack.

The hacking, coming weeks after Target Corp. revealed its own breach, underscores the increasing challenges that merchants have in thwarting security breaches.

Ginger Reeder, spokeswoman for Dallas-based Neiman Marcus Group Ltd., said in an email Saturday that the retailer had been notified in mid-December by its credit card processor about potentially unauthorized payment activity following customer purchases at stores. On Jan. 1, a forensics firm confirmed evidence that the upscale retailer was a victim of a criminal cyber-security intrusion and that some customers' cards were possibly compromised as a result.

Reeder says the retailer, which operates more than 40 upscale stores and clearance stores, is working with the Secret Service. She wouldn't estimate how many customers may be affected but said the merchant was notifying customers whose cards it knew were used fraudulently.

Displaying 1 - 1 of 1 total comment

The ultimate of greed.... The company became aware of a potential problem weeks before Christmas... doesn't do anything about it to protect their customers until after Christmas... and then waits another 11 days after confirmation was made before notifying the public.... got to make sure to make every buck they can instead of trying to protect their customers.